Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/81KZQ-u5F9g0MOVoHU9ewgY-QXg.roa
File: 81KZQ-u5F9g0MOVoHU9ewgY-QXg.roa (raw, json)
Hash identifier: 8UjV0Jm7R1QguHBx9y2wyolm/VjFBkdN2Pr8OyUJ+mY=
Subject key identifier: F3:52:99:43:EB:B9:17:D8:34:30:E5:68:1D:4F:5E:C2:06:3E:41:78
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0197742B81D97D98253947867AB8C59912A5
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/81KZQ-u5F9g0MOVoHU9ewgY-QXg.roa
Signing time: Sun 15 Jun 2025 15:18:17 +0000
ROA not before: Sun 15 Jun 2025 15:18:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198154
IP address blocks: 85.133.199.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.248.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 03:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:74:2b:81:d9:7d:98:25:39:47:86:7a:b8:c5:99:12:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jun 15 15:18:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3529943ebb917d83430e5681d4f5ec2063e4178
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:3f:98:5a:15:63:a8:0a:70:89:9d:e6:e7:30:
c2:04:8c:a8:03:f0:e1:b9:2a:e7:af:f0:60:b0:fa:
cd:a2:97:f7:c5:8f:08:5c:4f:15:6b:03:91:d3:1d:
5a:4c:4c:9e:25:9f:3e:2a:ce:b0:04:5c:f0:a2:8d:
28:84:ab:b2:5a:16:d6:cc:e9:1a:d8:b7:51:ea:9d:
64:c8:c0:dc:8c:d4:f1:28:bd:0d:d4:1a:3b:45:78:
c5:c7:ec:8f:33:57:4c:3f:44:c4:57:5c:da:c3:cc:
f8:d0:1f:46:8b:b4:d2:e0:80:ed:93:b1:41:1b:cc:
c7:7c:ed:30:03:db:66:b3:64:3a:e4:fe:bd:ef:2f:
05:e4:f2:5a:d9:e1:cc:1c:bd:d1:fa:b9:81:7a:3d:
84:95:a1:d8:42:17:8b:48:60:59:f6:70:82:2c:2e:
c2:1f:4e:d1:a4:4b:bd:90:a9:e0:18:b9:9a:b9:fc:
21:48:0c:12:55:12:20:bb:ca:a3:9f:38:12:52:bf:
e0:b1:de:ca:c5:8c:c3:87:ec:e5:62:a5:36:33:61:
4e:9a:02:b0:63:0e:6d:3f:af:87:02:83:fb:75:33:
7b:c4:10:91:94:3f:1d:e4:94:10:17:8a:00:51:08:
d4:40:ec:83:e4:ec:9c:d4:08:5d:ac:5b:0c:89:e7:
97:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:52:99:43:EB:B9:17:D8:34:30:E5:68:1D:4F:5E:C2:06:3E:41:78
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/81KZQ-u5F9g0MOVoHU9ewgY-QXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.199.0/24
85.133.221.0/24
85.133.225.0/24
85.133.248.0/24
85.133.250.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:99:5b:c0:29:fd:ff:36:62:63:a1:5f:f3:8d:73:4e:0f:04:
15:4a:51:43:02:bb:52:09:12:f3:b1:66:6d:d0:e3:67:7f:34:
4c:fc:c8:3d:f5:f2:49:08:e5:03:d8:c6:a7:d9:15:35:a8:f7:
ff:9b:8d:6f:77:c0:e8:fc:24:f5:2e:1c:ff:29:cd:d4:ed:89:
20:30:bd:26:23:20:18:be:9e:de:0a:16:38:d9:3b:5e:1c:07:
42:54:a7:81:07:4f:3a:37:7e:88:68:5d:06:b3:9c:76:5e:8b:
d7:91:f8:44:bc:cf:98:20:26:0a:65:d1:df:36:1a:75:97:5d:
0f:59:ef:ea:6e:5d:7d:3b:dc:65:93:06:23:38:46:85:71:e5:
d4:27:ad:75:e0:0b:9c:7a:e1:1f:2e:f8:d6:13:3e:9a:30:b0:
b9:46:49:94:2f:e4:99:ec:b1:c4:c9:50:9c:b4:2b:bf:f6:ee:
47:89:1a:d9:a5:2b:bc:4d:d2:51:71:64:99:bc:37:e7:8d:b8:
27:ec:03:ea:f2:41:79:5a:8c:c5:be:60:c3:cc:48:ef:b5:fe:
b6:9f:4a:f1:63:db:e7:36:38:60:1d:96:2a:f8:9d:0c:5b:4f:
cc:97:de:8f:c7:0e:c1:80:c7:a5:2e:e8:35:b5:99:c0:3a:4c:
d4:92:84:55
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZd0K4HZfZglOUeGerjFmRKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjUwNjE1MTUxODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzUyOTk0M2ViYjkxN2Q4MzQzMGU1NjgxZDRmNWVjMjA2M2U0MTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6D+YWhVjqApwiZ3m5zDCBIyoA/Dh
uSrnr/BgsPrNopf3xY8IXE8VawOR0x1aTEyeJZ8+Ks6wBFzwoo0ohKuyWhbWzOka
2LdR6p1kyMDcjNTxKL0N1Bo7RXjFx+yPM1dMP0TEV1zaw8z40B9Gi7TS4IDtk7FB
G8zHfO0wA9tms2Q65P697y8F5PJa2eHMHL3R+rmBej2ElaHYQheLSGBZ9nCCLC7C
H07RpEu9kKngGLmaufwhSAwSVRIgu8qjnzgSUr/gsd7KxYzDh+zlYqU2M2FOmgKw
Yw5tP6+HAoP7dTN7xBCRlD8d5JQQF4oAUQjUQOyD5Oyc1AhdrFsMieeXBQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPNSmUPruRfYNDDlaB1PXsIGPkF4MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvODFLWlEtdTVGOWcwTU9Wb0hVOWV3Z1ktUVhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVYXHAwQA
VYXdAwQAVYXhAwQAVYX4AwQAVYX6MA0GCSqGSIb3DQEBCwUAA4IBAQComVvAKf3/
NmJjoV/zjXNODwQVSlFDArtSCRLzsWZt0ONnfzRM/Mg99fJJCOUD2Man2RU1qPf/
m41vd8Do/CT1Lhz/Kc3U7YkgML0mIyAYvp7eChY42TteHAdCVKeBB086N36IaF0G
s5x2XovXkfhEvM+YICYKZdHfNhp1l10PWe/qbl19O9xlkwYjOEaFceXUJ6114Auc
euEfLvjWEz6aMLC5RkmUL+SZ7LHEyVCctCu/9u5HiRrZpSu8TdJRcWSZvDfnjbgn
7APq8kF5WozFvmDDzEjvtf62n0rxY9vnNjhgHZYq+J0MW0/Ml96Pxw7BgMelLug1
tZnAOkzUkoRV
-----END CERTIFICATE-----
Generated at Sun Jun 29 09:14:06 2025 by rpki-client